- Teddy joe
- Cyber affairs correspondent
Hackers earned $ 40 million (£ 28 million) in 2020 thanks to software vulnerabilities through a leading reporting service in exchange for bonuses.
Hiker One said nine hackers made more than $ 1 million after their findings were reported by the affected organizations.
The total income of a Romanian man, who began hunting for computer defects two years ago, exceeded $ 2 million. One of Britain’s highest earners was a pirate who earned $ 370,000 last year.
The forum concluded that the epidemic gave volunteers more time to move forward in this effort.
A poll conducted by “Hacker One” indicated that 38 percent of respondents have spent more time on theft since the start of the Kovid-19 outbreak.
Many of the respondents work part-time and are located in dozens of different countries, including the United States, Argentina, China, India, Nigeria, and Egypt.
The amount to be given to a hacker depends on the severity of the security vulnerability discovered, and can range from less than $ 140 to a much larger amount.
Hacker-One, which is based in California, charges membership fees to companies using its platform.
Katie Paxton-Fair, a British lecturer at the University of Manchester, says she suffers from security vulnerabilities in her spare time.
She says that although earning money is a good thing, it is not a quick business.
“I made around £ 12,000 in 12 months,” she told the BBC.
“I remember the first time I discovered vulnerability. I was in awe and trembling, and realized that what I had done was a wonderful thing. I rescued people from very large security holes.”
“I don’t just use my time to try to win prizes. I actively help secure the applications that I use, that’s why it’s a challenge to do something good Inspired by desire, ”she said.
Another French-based platform called Yes-V-Hack said that 22,000 hackers working for it discovered several security vulnerabilities twice in 2020 compared to the previous year.
The platform did not publish numbers relating to monetary rewards made through its service.
“, Given the new risks and the importance of cyber security, which helps companies overcome economic difficulties, a growing number of senior security officers have resorted to gaining information by offering bonuses to those looking for security vulnerabilities , ”Said Chief Executive Officer Guillum Vasu-Hauler. Of the company.
Another company, an information security platform called Bug-Crowd, said it has seen a 50 percent increase in content exposure on its platform over the past 12 months.
And commercial programs that specialize in offering bonuses to those searching for a security vulnerability have gained popularity during the last five years, but some experts believe that security holes are included in the system if it relies on too much is.
Victor Jeffers, a researcher in Internet security who runs the GDI Foundation in the Netherlands, responsible for the discovery of vulnerabilities, said he never accepted money for what he had done.
“We do not participate in the award for those who discover security vulnerabilities, as they are sometimes too narrow and allow researchers to search for security holes only in parts of the system Are, “he said.
“We want to be able to find deficiencies morally where we think they exist, and to maintain our independence,” he said.
“But for junior researchers or students in Internet security matters, these commercial forums that award rewards to those who find security vulnerabilities are great because they provide the user with a lot of security, resources and a way to get started. Is the ideal place, ”he concluded. .